Rockwell Automation ThinManager ThinServer vulnerabilities
14 known vulnerabilities affecting rockwell_automation/thinmanager_thinserver.

Total CVEs: 14
CISA KEV: 0
Public exploits: 4
Exploited in wild: 0
Severity breakdown: CRITICAL 7, HIGH 6, MEDIUM 1
Vulnerabilities
CVE-2023-2917 | P1 | CRITICAL | CVSS 9.8 | PoC available | Affected: v11.0.0 - 11.2.6, v11.1.0 - 11.1.6, +5 more | Published 2023-08-17
CWE-20 (Improper Input Validation)
The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists, via the filename field, when ThinManager processes a certain function. If exploited, an unauthenticated remote attacker can upload arbitrary files to any directory on
Source: NVD

CVE-2023-2915 | P1 | CRITICAL | CVSS 9.1 | PoC available | Affected: v11.0.0 - 11.2.6, v11.1.0 - 11.1.6, +5 more | Published 2023-08-17
CWE-20 (Improper Input Validation)
The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability. Due to improper input validation, a path traversal vulnerability exists when the ThinManager software processes a certain function. If exploited, an unauthenticated remote threat actor can delete arbitrary files with system privileges. A maliciou
Source: NVD

CVE-2023-27856 | P2 | HIGH | CVSS 7.5 | PoC available | Affected: v6.x - 10.x, v11.0.0 - 11.0.5, +5 more | Published 2023-03-22
CWE-22 (Path Traversal)
In affected versions, a path traversal exists when processing a message of type 8 in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to download arbitrary files from the disk drive where ThinServer.exe is installed.
Source: NVD

CVE-2023-27855 | P2 | CRITICAL | CVSS 9.8 | PoC available | Affected: v6.x - 10.x, v11.0.0 - 11.0.5, +5 more | Published 2023-03-22
CWE-22 (Path Traversal)
In affected versions, a path traversal exists when processing a message in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker could potentially exploit this vulnerability to upload arbitrary files to any directory on the disk drive where ThinServer.exe is installed. The attacker could overwrite existing executable files
Source: NVD

CVE-2022-38742 | P2 | CRITICAL | CVSS 9.8 | Affected: 11.0.0 through 13.0.0 | Published 2022-09-23
CWE-122 (Heap-based Buffer Overflow)
Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 are vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution.
Source: NVD

CVE-2024-5988 | P2 | CRITICAL | CVSS 9.8 | Affected: v11.1.0, v11.2.0, +5 more | Published 2024-06-25
CWE-20 (Improper Input Validation)
Due to improper input validation, an unauthenticated threat actor can send a malicious message to invoke a local or remote executable and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™.
Source: NVD

CVE-2024-5989 | P2 | CRITICAL | CVSS 9.8 | Affected: v11.0.0, v11.2.0, +5 more | Published 2024-06-25
CWE-20 (Improper Input Validation)
Due to improper input validation, an unauthenticated threat actor can send a malicious message to invoke SQL injection into the program and cause a remote code execution condition on the Rockwell Automation ThinManager® ThinServer™.
Source: NVD

CVE-2024-7988 | P2 | CRITICAL | CVSS 9.8 | Affected: 11.1.0-11.1.7, 11.2.0-11.2.8, 12.0.0-12.0.6, 12.1.0-12.1.7, 13.0.0-13.0.4, 13.1.0-13.1.2, 13.2.0-13.2.1 | Published 2024-08-26
CWE-20 (Improper Input Validation)
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. This vulnerability exists due to the lack of proper data input validation, which allows files to be overwritten.
Source: NVD

CVE-2023-2914 | P3 | HIGH | CVSS 7.5 | Affected: v11.0.0 - 11.2.6, v11.1.0 - 11.1.6, +5 more | Published 2023-08-17
CWE-20 (Improper Input Validation)
The Rockwell Automation ThinManager ThinServer is impacted by an improper input validation vulnerability: an integer overflow condition exists in the affected products. When ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchro
Source: NVD

CVE-2023-27857 | P3 | HIGH | CVSS 7.5 | Affected: v6.x - 10.x, v11.0.0 - 11.0.5, +5 more | Published 2023-03-22
CWE-125 (Out-of-bounds Read)
In affected versions, a heap-based buffer over-read occurs when the message field indicates more data than is present in the message field in Rockwell Automation's ThinManager ThinServer. An unauthenticated remote attacker can exploit this vulnerability to crash ThinServer.exe due to a read access violation.
Source: NVD

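CVE-2022-38742, CVE-2023-2914 and CVE-2023-27857 above are one class of defect: a length field inside an incoming message is trusted over the number of bytes that actually arrived, so a crafted length either walks a read past the end of the receive buffer or wraps in size arithmetic. The C example below is added here as an illustration; it is not ThinServer code and not anything Rockwell ships. The framing (a 2-byte type, a 4-byte little-endian length, then payload), the MAX_PAYLOAD bound and the three sample messages are all constructed for the example. It shows the vulnerable check beside a hardened parser.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical framing for this example (not the ThinServer protocol):
 *   [u16 type][u32 declared_len][declared_len bytes of payload], little-endian. */
#define HDR_LEN     6u
#define MAX_PAYLOAD 65536u  /* hypothetical ceiling; use the real protocol's limit */

typedef struct {
    uint16_t       type;
    uint32_t       len;      /* validated payload length */
    const uint8_t *payload;  /* points into the receive buffer */
} msg_t;

static uint16_t rd16le(const uint8_t *p) {
    return (uint16_t)(p[0] | (p[1] << 8));
}
static uint32_t rd32le(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable bounds check. Computes header+declared length in 32-bit
 * arithmetic, so a declared length near UINT32_MAX wraps to a small value and
 * passes; the copy that normally follows would then read far past the bytes
 * actually received (read access violation, the pattern behind CVE-2023-27857
 * and CVE-2023-2914). Returns 1 if the message would be accepted. The copy
 * itself is omitted so the example is safe to run. */
int accept_vulnerable(const uint8_t *buf, size_t got) {
    if (got < HDR_LEN) return 0;
    uint32_t declared = rd32le(buf + 2);
    uint32_t total = HDR_LEN + declared;   /* BUG: wraps when declared > 0xFFFFFFF9 */
    /* if accepted: memcpy(dst, buf + HDR_LEN, declared) -> over-read */
    return total <= got;
}

/* Hardened parse. Bounds the declared length before any arithmetic, then
 * compares it with the bytes actually received, subtracting on the side that
 * is already known to be >= HDR_LEN so nothing can wrap. 0 = ok, -1 = reject. */
int parse_msg(const uint8_t *buf, size_t got, msg_t *m) {
    if (buf == NULL || m == NULL) return -1;
    if (got < HDR_LEN) return -1;               /* header incomplete */
    uint32_t declared = rd32le(buf + 2);
    if (declared > MAX_PAYLOAD) return -1;      /* absurd length: reject outright */
    if (declared > got - HDR_LEN) return -1;    /* declares more than arrived */
    m->type    = rd16le(buf);
    m->len     = declared;
    m->payload = buf + HDR_LEN;
    return 0;
}

/* Validated payload length, or -1 if the message is rejected. */
long payload_len(const uint8_t *buf, size_t got) {
    msg_t m;
    return parse_msg(buf, got, &m) == 0 ? (long)m.len : -1L;
}

/* Constructed sample messages, not captured traffic. */
const uint8_t SAMPLE_OK[]    = { 0x01,0x00, 0x04,0x00,0x00,0x00, 'A','B','C','D' }; /* declares 4, carries 4 */
const uint8_t SAMPLE_SHORT[] = { 0x01,0x00, 0x10,0x00,0x00,0x00, 'A','B','C','D' }; /* declares 16, carries 4 */
const uint8_t SAMPLE_WRAP[]  = { 0x01,0x00, 0xFE,0xFF,0xFF,0xFF, 'A','B','C','D' }; /* declares 0xFFFFFFFE */

int main(void) {
    const uint8_t *s[] = { SAMPLE_OK, SAMPLE_SHORT, SAMPLE_WRAP };
    const char *label[] = { "ok", "short", "wrap" };
    for (int i = 0; i < 3; i++)
        printf("%-5s vulnerable_accepts=%d hardened_len=%ld\n", label[i],
               accept_vulnerable(s[i], 10), payload_len(s[i], 10));
    return 0;
}
```

The same two rules apply to any framed input the service accepts, including the TFTP and HTTPS handlers named in CVE-2022-38742: clamp the declared size to a protocol maximum before doing arithmetic with it, and compare it against bytes actually received rather than against a total that can wrap.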
CVE-2024-5990 | P3 | HIGH | CVSS 7.5 | Affected: v11.1.0, v11.2.0, +4 more | Published 2024-06-25
CWE-20 (Improper Input Validation)
Due to improper input validation, an unauthenticated threat actor can send a malicious message to a monitor thread within Rockwell Automation ThinServer™ and cause a denial-of-service condition on the affected device.
Source: NVD

CVE-2024-7987 | P3 | HIGH | CVSS 7.8 | Affected: 11.1.0-11.1.7, 11.2.0-11.2.8, 12.0.0-12.0.6, 12.1.0-12.1.7, 13.0.0-13.0.4, 13.1.0-13.1.2, 13.2.0-13.2.1 | Published 2024-08-26
CWE-434 (Unrestricted Upload of File with Dangerous Type)
A remote code execution vulnerability exists in the Rockwell Automation ThinManager® ThinServer™ that allows a threat actor to execute arbitrary code with System privileges. To exploit this vulnerability, a threat actor must abuse the ThinServer™ service by creating a junction and using it to upload arbitrary files.
Source: NVD

CVE-2024-7986 | P3 | HIGH | CVSS 7.5 | Affected: 11.1.0-11.1.7, 11.2.0-11.2.8, 12.0.0-12.0.6, 12.1.0-12.1.7, 13.0.0-13.0.4, 13.1.0-13.1.2, 13.2.0-13.2.1 | Published 2024-08-23
CWE-732 (Incorrect Permission Assignment for Critical Resource)
A vulnerability exists in the Rockwell Automation ThinManager® ThinServer that allows a threat actor to disclose sensitive information. A threat actor can exploit this vulnerability by abusing the ThinServer™ service to read arbitrary files by creating a junction that points to the target directory.
Source: NVD

CVE-2023-2913 | P3 | MEDIUM | CVSS 6.5 | Affected: v13.0.0 - 13.0.2, v13.1.0 | Published 2023-07-18
CWE-23 (Relative Path Traversal)
An executable used in Rockwell Automation ThinManager ThinServer can be configured to enable an API feature in the HTTPS Server Settings. This feature is disabled by default. When the API is enabled and handling requests, a path traversal vulnerability exists that allows a remote actor to leverage the privileges of the server’s file system and read arbi
Source: NVD

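Five of the entries above (CVE-2023-2917, CVE-2023-2915, CVE-2023-27856, CVE-2023-27855 and CVE-2023-2913) are path traversal through a client-controlled filename that reaches an upload, delete, download or API read on the ThinServer host. The C example below is an added illustration, not ThinServer code or anything Rockwell ships: a lexical filename check that refuses the ways a Windows path can escape a fixed directory, and a join helper that fails closed. The base directory /srv/uploads and the sample names are constructed for the example.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive compare of n bytes (portable; avoids strncasecmp/_strnicmp). */
static int ieq(const char *a, const char *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (toupper((unsigned char)a[i]) != toupper((unsigned char)b[i])) return 0;
    return 1;
}

/* Win32 device names are reserved in every directory, with or without an
 * extension ("nul.txt" opens the NUL device). Checks the stem before the first '.'. */
static int is_reserved_device(const char *comp, size_t n) {
    static const char *const names[] = {
        "CON", "PRN", "AUX", "NUL",
        "COM1", "COM2", "COM3", "COM4", "COM5", "COM6", "COM7", "COM8", "COM9",
        "LPT1", "LPT2", "LPT3", "LPT4", "LPT5", "LPT6", "LPT7", "LPT8", "LPT9" };
    size_t stem = 0;
    while (stem < n && comp[stem] != '.') stem++;
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        if (strlen(names[i]) == stem && ieq(comp, names[i], stem)) return 1;
    return 0;
}

/* Lexical check for a client-supplied relative filename. Returns 1 if `name`
 * may be joined under a fixed base directory, 0 otherwise. Treats '/' and '\\'
 * as separators, since Win32 accepts both. */
int filename_is_safe(const char *name) {
    if (name == NULL || name[0] == '\0' || strlen(name) > 255) return 0;
    if (name[0] == '/' || name[0] == '\\') return 0;    /* absolute path or UNC (\\host\share) */
    if (strchr(name, ':') != NULL) return 0;            /* drive letter (C:) or NTFS stream (f.txt:s) */
    const char *p = name;
    for (;;) {
        const char *start = p;
        while (*p != '\0' && *p != '/' && *p != '\\') {
            unsigned char c = (unsigned char)*p;
            if (c < 0x20 || c == 0x7F) return 0;             /* control characters */
            if (strchr("<>\"|?*", (int)c) != NULL) return 0; /* reserved on Windows */
            p++;
        }
        size_t n = (size_t)(p - start);
        if (n == 0) return 0;                                        /* "a//b", "a/" */
        if (n == 1 && start[0] == '.') return 0;                     /* "." */
        if (n == 2 && start[0] == '.' && start[1] == '.') return 0;  /* ".." traversal */
        if (start[n - 1] == '.' || start[n - 1] == ' ') return 0;    /* Win32 strips trailing dots/spaces */
        if (is_reserved_device(start, n)) return 0;
        if (*p == '\0') return 1;
        p++;                                                         /* next component must exist */
    }
}

/* Joins base and name; fails closed on rejection or truncation. 0 on success. */
int safe_join(const char *base, const char *name, char *out, size_t outcap) {
    if (!filename_is_safe(name)) return -1;
    int n = snprintf(out, outcap, "%s/%s", base, name);
    if (n < 0 || (size_t)n >= outcap) return -1;
    return 0;
}

/* Same, returning a pointer to a static buffer or NULL when rejected. */
const char *safe_join_static(const char *base, const char *name) {
    static char out[512];
    return safe_join(base, name, out, sizeof out) == 0 ? out : NULL;
}

int main(void) {
    /* Constructed sample names, not observed traffic. */
    const char *names[] = { "terminal1/config.ini", "../../ThinServer.exe",
                            "..\\..\\ThinServer.exe", "C:\\Windows\\win.ini",
                            "report.txt:hidden", "nul.txt", "dir/" };
    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        const char *joined = safe_join_static("/srv/uploads", names[i]);
        printf("%-24s -> %s\n", names[i], joined ? joined : "REJECTED");
    }
    return 0;
}
```

Two caveats a practitioner should keep in mind. Run the check on the filename after whatever decoding the protocol applies (URL percent-decoding for the HTTPS API, UTF-16 conversion for the native protocol), or an encoded ".." passes the lexical test. And a lexical check does nothing for CVE-2024-7986 and CVE-2024-7987, where the name is fine but a junction inside the base directory points elsewhere; for that the service also has to open files without following reparse points (on Windows, CreateFile with FILE_FLAG_OPEN_REPARSE_POINT and a refusal when FILE_ATTRIBUTE_REPARSE_POINT is set on the result) and, ideally, not perform its file handling as SYSTEM.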